Johnston, RI · On-site +1
$133K - $190K/yr
... 1 remote in one of the following organizational hubs: Johnston, RI - Westwood OR Boston, MA ... This role owns the application security program end to end, ensuring secure software development ...
Johnston, RI · On-site +1
$133K - $190K/yr
... 1 remote in one of the following organizational hubs: Johnston, RI - Westwood OR Boston, MA ... This role owns the application security program end to end, ensuring secure software development ...
Dover, DE · On-site +1
This position can be remote/work from home anywhere in the US. Responsibilities Lead the design and ... data analytics software (e.g., Tableau, etc.) Strong interpersonal, verbal and written ...
Dover, DE · On-site +1
This position can be remote/work from home anywhere in the US. Responsibilities Lead the design and ... data analytics software (e.g., Tableau, etc.) Strong interpersonal, verbal and written ...
$15.38 - $21.96
0% of jobs
$21.96 - $28.54
0% of jobs
$28.54 - $35.12
0% of jobs
$35.12 - $41.70
3% of jobs
$41.70 - $48.27
7% of jobs
$52.71 is the 25th percentile. Wages below this are outliers.
$48.27 - $54.85
21% of jobs
The median wage is $59.93 / hr.
$54.85 - $61.43
23% of jobs
$67.83 is the 75th percentile. Wages above this are outliers.
$61.43 - $68.01
20% of jobs
$68.01 - $74.58
13% of jobs
$74.58 - $81.16
7% of jobs
$81.16 - $87.74
4% of jobs
$15
$61
$87
$133K - $190K/yr
Full-time
Medical, Dental, Vision, Retirement, PTO
Posted 7 days ago
Manager, Application Security
Hybrid Work Arrangement
Hybrid work arrangement required with 4 days on site and 1 remote in one of the following organizational hubs: Johnston, RI - Westwood OR Boston, MA - Iselin, NJ - Manchester, NH
The Manager, Application Security is responsible for leading, scaling, and maturing enterprise application security capabilities across a complex technology environment. This role owns the application security program end to end, ensuring secure software development practices are embedded into the SDLC while balancing regulatory, risk, and business requirements.
As part of the cybersecurity organization, this role partners closely with engineering, platform, cloud, DevOps, and risk teams to drive measurable risk reduction without slowing delivery.
Key Responsibilities
Lead the enterprise application security program across web, API, and mobile platforms
Define and execute the application security vision, strategy, and roadmap aligned to business and risk objectives
Establish and enforce application security standards, secure coding practices, and control requirements
Partner with engineering leadership to embed security into architecture, design, and delivery decisions
Oversee integration of application security testing tools, including SAST, DAST, and SCA, into CI CD pipelines
Lead application security assessments and risk based remediation planning
Provide threat informed guidance to engineering teams on high risk vulnerabilities and design patterns
Collaborate with vulnerability management, cloud security, and infrastructure teams to drive cohesive risk reduction
Establish governance, metrics, and reporting to measure application security maturity and effectiveness
Represent application security in audit, regulatory, and risk management engagements
Translate technical security risks into clear, business relevant insights for senior leaders
Build, mentor, and develop application security engineers and subject matter experts
Continuously improve tooling, automation, and processes to scale AppSec capabilities efficiently
Required Experience and Skills
10 plus years of cybersecurity experience with a strong focus on application security
5 plus years of people or program leadership experience operating an application security program in an enterprise environment
Deep understanding of application security risks, including OWASP Top 10 and API security threats
Hands on experience with modern SDLC, CI CD, and DevSecOps practices
Experience implementing and managing application security testing tools and processes
Ability to assess application architecture, design patterns, and authentication and authorization models
Strong experience partnering with engineering teams to drive secure by design outcomes
Excellent written and verbal communication skills, including executive level reporting
Proven ability to influence engineering, product, risk, and compliance stakeholders
Preferred Experience
Experience in highly regulated industries such as financial services or healthcare
Familiarity with cloud native and microservices based architectures
Experience with API security platforms and runtime visibility tools
Background in penetration testing or threat modeling
Experience defining application security metrics, KPIs, and maturity models
Education and Certifications
Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field
Preferred certifications include CISSP, CISM, CISA, GPEN, or equivalent
Pay Transparency
The salary range for this position is from $133,000 to $190,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to work location, relevant skills, and experience.
We offer competitive pay, comprehensive medical, dental, and vision coverage, retirement benefits, maternity and paternity leave, flexible work arrangements, education reimbursement, wellness programs, and more. Citizens' paid time off policy exceeds the mandatory paid sick or paid time away policies of local and state jurisdictions in the United States. For an overview of our benefits, visit our Careers site - https://jobs.citizensbank.com/benefits.
#LI-Citizens1
Equal Employment Opportunity
Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.
Equal Employment and Opportunity Employer
Job Applicant Data Privacy Policy
Background Check
Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information.
